CN112352402B - Generation device, generation method, and recording medium - Google Patents

Generation device, generation method, and recording medium

Info

Publication number
CN112352402B
Authority
CN
China
Prior art keywords
abnormality
information
unit
pattern
generation
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201980044171.5A
Other languages
English (en)
Chinese (zh)
Other versions
CN112352402A (zh)
Inventor
中津留毅
佐藤友康
南拓也
藤木直人
泉雅巳
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Nippon Telegraph and Telephone Corp
Original Assignee
Nippon Telegraph and Telephone Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nippon Telegraph and Telephone Corp
Publication of CN112352402A
Application granted
Publication of CN112352402B
Status: Active
Anticipated expiration

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57 Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1425 Traffic logging, e.g. anomaly detection
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55 Detecting local intrusion or implementing counter-measures
    • G06F21/554 Detecting local intrusion or implementing counter-measures involving event detection and direct action
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55 Detecting local intrusion or implementing counter-measures
    • G06F21/56 Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/566 Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416 Event detection, e.g. attack signature detection

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computing Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Virology (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Debugging And Monitoring (AREA)
CN201980044171.5A 2018-07-02 2019-07-02 Generation device, generation method, and recording medium Active CN112352402B (zh)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
JP2018-126189 2018-07-02
JP2018126189A JP7052602B2 (ja) 2018-07-02 2018-07-02 Generation device, generation method, and generation program
PCT/JP2019/026239 WO2020009094A1 (ja) 2019-07-02 Generation device, generation method, and generation program

Publications (2)

Publication Number Publication Date
CN112352402A (zh) 2021-02-09
CN112352402B (zh) 2023-03-28

Family

ID=69060411

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201980044171.5A Active CN112352402B (zh) 2018-07-02 2019-07-02 Generation device, generation method, and recording medium

Country Status (6)

Country Link
US (1) US11985151B2
EP (1) EP3799367B1
JP (1) JP7052602B2
CN (1) CN112352402B
AU (1) AU2019298538B2
WO (1) WO2020009094A1

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
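JP2021189721A (ja) * 2020-05-29 2021-12-13 富士フイルムビジネスイノベーション株式会社 Information processing device and information processing program
WO2023145044A1 (ja) * 2022-01-31 2023-08-03 日本電気株式会社 Device verification system, device verification method, and recording medium
WO2024180621A1 (ja) * 2023-02-27 2024-09-06 日本電信電話株式会社 Anomaly detection device, anomaly detection method, and anomaly detection program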

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
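CN101803305A (zh) * 2007-09-28 2010-08-11 日本电信电话株式会社 Network monitoring device, network monitoring method, and network monitoring program
CN102460529A (zh) * 2009-06-11 2012-05-16 株式会社日立制作所 Device abnormality monitoring method and system
CN104518905A (zh) * 2013-10-08 2015-04-15 华为技术有限公司 Fault locating method and device
CN105209987A (zh) * 2013-06-13 2015-12-30 欧姆龙株式会社 Information processing device, control method for information processing device, and control program
WO2017154844A1 (ja) * 2016-03-07 2017-09-14 日本電信電話株式会社 Analysis device, analysis method, and analysis program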

Family Cites Families (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20090271504A1 (en) * 2003-06-09 2009-10-29 Andrew Francis Ginter Techniques for agent configuration
JP2006041969A (ja) 2004-07-28 2006-02-09 Mitsubishi Electric Corp Network monitoring device, network monitoring method, and program
US7434261B2 (en) 2004-09-27 2008-10-07 Microsoft Corporation System and method of identifying the source of an attack on a computer network
JP5655191B2 (ja) 2011-06-28 2015-01-21 日本電信電話株式会社 Feature information extraction device, feature information extraction method, and feature information extraction program
EP2737404A4 (de) * 2011-07-26 2015-04-29 Light Cyber Ltd Method for detecting an anomalous action within a computer network
US9558053B1 (en) * 2015-06-26 2017-01-31 Amazon Technologies, Inc. Computer systems monitoring using beat frequency analysis
US10102054B2 (en) * 2015-10-27 2018-10-16 Time Warner Cable Enterprises Llc Anomaly detection, alerting, and failure correction in a network
JP6430356B2 (ja) 2015-10-30 2018-11-28 日本電信電話株式会社 Detection method and detection system
US10230745B2 (en) * 2016-01-29 2019-03-12 Acalvio Technologies, Inc. Using high-interaction networks for targeted threat intelligence
JP6774636B2 (ja) 2016-12-08 2020-10-28 日本電気株式会社 Anomaly analysis method, program, and system
EP3635914B1 (de) * 2017-06-09 2021-04-14 British Telecommunications Public Limited Company Anomaly detection in computer networks

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
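CN101803305A (zh) * 2007-09-28 2010-08-11 日本电信电话株式会社 Network monitoring device, network monitoring method, and network monitoring program
CN102460529A (zh) * 2009-06-11 2012-05-16 株式会社日立制作所 Device abnormality monitoring method and system
CN105209987A (zh) * 2013-06-13 2015-12-30 欧姆龙株式会社 Information processing device, control method for information processing device, and control program
CN104518905A (zh) * 2013-10-08 2015-04-15 华为技术有限公司 Fault locating method and device
WO2017154844A1 (ja) * 2016-03-07 2017-09-14 日本電信電話株式会社 Analysis device, analysis method, and analysis program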

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
Event correlation for detecting advanced multi-stage cyber-attacks; SPADARO, A; https://repository.tudelft.nl/islandora/object/uuid:d7d43988-f1b0-4549-8b44-3b5c9f1f401b/datastream/OBJ/download; 20130628; main text, pp. 31-34 *

Also Published As

Publication number Publication date
EP3799367A4 (de) 2022-03-09
WO2020009094A1 (ja) 2020-01-09
AU2019298538A1 (en) 2021-01-21
US11985151B2 (en) 2024-05-14
EP3799367B1 (de) 2023-03-08
CN112352402A (zh) 2021-02-09
JP2020005234A (ja) 2020-01-09
EP3799367A1 (de) 2021-03-31
US20210273963A1 (en) 2021-09-02
JP7052602B2 (ja) 2022-04-12
AU2019298538B2 (en) 2022-04-21

Similar Documents

Publication Publication Date Title
US10972493B2 (en) Automatically grouping malware based on artifacts
EP3814961B1 (de) Malware analysis
JP7544738B2 (ja) Detection of exposure of sensitive data through logging
US10176321B2 (en) Leveraging behavior-based rules for malware family classification
US10200390B2 (en) Automatically determining whether malware samples are similar
EP3882799B1 (de) Computer security event analysis
AU2015380394B2 (en) Methods and systems for identifying potential enterprise software threats based on visual and non-visual data
CN114679329B (zh) System for automatically grouping malware based on artifacts
US11356467B2 (en) Log analysis device, log analysis method, and log analysis program
CN112352402B (zh) Generation device, generation method, and recording medium
JP6401424B2 (ja) Log analysis device, log analysis method, and log analysis program
WO2020046458A1 (en) Increasing security of network resources utilizing virtual honeypots
US11423099B2 (en) Classification apparatus, classification method, and classification program
JP6864610B2 (ja) Identification system, identification method, and identification program
US20230259612A1 (en) Exploit detection in a cloud-based sandbox
US11928208B2 (en) Calculation device, calculation method, and calculation program
US12124572B2 (en) Anomalous activity detection in container images
US20220245249A1 (en) Specific file detection baked into machine learning pipelines
JP2016525750A (ja) Identifying misuse of legitimate objects
Sisi Creation of a Dataset Modeling the Behavior of Malware Affecting the Confidentiality of Data Managed by IoT Devices

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant